KBC bank app detected root

[tomkeysers]

Running Resurrection Remix on a Oneplus One. Starting today the KBC banking app (com.kbc.mobile.android.phone.kbc) started blocking rooted phones. Using Magisk v19.0 - Magisk Manager v7.1.1

Tried everything I could find:

• Hid the banking app
• Hid the magisk manager
• Enabled magisk core only
• Disabled android debugging

And rebooted in between steps, deleted app and reinstalled, SafetyNet passes everything... yet this KBC banking app still detects root.

Any suggestions what I could try next?

[topjohnwu]

1152

[kleajmp]

I have the same issue with the KBC app, it is quite an important app so I'm going to invest some time to spit this out. Is there any way to monitor how exactly an app (like com.kbc.mobile.android.phone.kbc) is detecting root?

However, this is not reliable and practical. There are apps that utilize native libraries to start detects and register SIGCONT signal handlers to mitigate all existing MagiskHide process monitoring mechanism. So our only solution is to hijack an app BEFORE it is started.

What do you mean with it? The app or a certain service? I'm quite new to java but I have some programming experience so I'll try to do my best to figure it out. Any tips from experienced users to get me started?

[TrippyTechLlama]

I don't have any problems using kbc with magisk, just make sure that you select "hide magisk manager" in magisk settings because kbc seems to check if magisk is installed, but only for it's original package name. Also make sure that you reset the data from the kbc app after you have hidden magisk

[tomkeysers]

@ninjawulf98 and which rom are you using?

I basically did every step possible in magisk by the book, also hiding it, all before I did a clean install of kbc.

[TrippyTechLlama]

I am currently running crdroid on a oneplus 5, also did you uninstall other apps that are root related, like root checkers, supersu, etc. because I am pretty sure kbc checks them as well. Perhaps you could switch roms but I am not sure if that is really going to solve the problem.

[tomkeysers]

@ninjawulf98 I might actually have had a couple of root checkers, which I installed amid the whole hassle in the beginning ... so actually might have been the/a cause. Sure will keep that in mind!

But shortly after posting this issue I actually switched to ArrowOS, without magisk, and since then all banking apps run like a charm again. So I'm guessing ArrowOS, since it doesn't provide 'root customisations' isn't being seen a vulnerability to those apps.

[TrippyTechLlama]

@tomkeysers Something else that might have been it, but magisk might hide this (not sure tbh) is that some roms might set in your build.prop, ro.build.tags to test-keys instead of release-keys. I've had some apps in the past like Yelo Play that "detected root" because of this

[Koluy]

Hi, 100% working for kbc

Remove and reinstall Kbc app

1. Hide in settings 2.hide your kbc app
2. Select basicmod and reboot. Done

Spec: Manager: v7.3.5 zip 19.4 and v20 Phone: blackview p6000 Custom LiteRom 7.1.1

[sebakerckhof]

@Koluy what do you mean with ' Select basicmod ' ?

[matttbe]

Hello,

Just in case others are still looking at a way to use the KBC / CBC Mobile app on a (secure) phone with Android 10 (and root), hiding Magisk Manager is indeed mandatory.

Just in case, I am also using the canary version and trusteer.com is blacklisted in Adaway (not sure it is used by this app but others required it). Note that you can also use KBC / CBC PhoneChecker app to verify if everything is OK.